|
| |
| | Open vs. Closed Source Software |
 | | Source Code: This is the code written by a human being in a computer language. | | | The source code is compiled into machine language and then used by the computer. | | | If you are new to computers then closed source software is probably for you, as the cost of training and getting yourself competent will exceed getting the cost of buying easier to use software. |
|
http://www.scienceinafrica.co.za/2004/january/software.htm
(1529 words)
|
|
| |
| | Open source vs. closed source - Wikipedia, the free encyclopedia |
| | Closed source programs have fewer advisories, but open-source software usually has less times between flaw discovery and a patch or a fix. | | | For example, many open source web programs using PHP have serious security problems and although these problems are being fixed, they are only fixed when affected end users prompt the developers about the problem. | | | Other people believe that open source software is more secure than closed source software. |
|
http://en.wikipedia.org/wiki/Open_source_vs._closed_source
(1315 words)
|
|
| |
| | Open source software is better for society than proprietary closed source software |
| | Closed source programmers are less likely to have a personal stake in a program; usually, they write code because they are paid to write it, not because it is software that they want to or need to use. | | | With open source software, the issue of an undocumented protocol cannot arise--the source code to a program implementing a protocol is a well-defined specification for the part of the protocol that the program implements. | | | Additionally, you are provided with "source code" to the software, which allows you to modify the software in order to fix bugs, add features, or integrate it with other software. |
|
http://www.stanford.edu/~blp/writings/anp/oss-is-better.html
(5558 words)
|
|
| |
| | Closed source - Wikipedia, the free encyclopedia |
| | Generally, it means only the binaries of a computer program are distributed and the license provides no access to the program's source code, rendering modifications to the software technically impossible for practical purposes. | | | The term may also refer to programs whose source code is available, but under conditions that conflict with the Open Source Definition. | | | Microsoft's "shared source" initiative is a prominent example of this. |
|
http://www.wikipedia.org/wiki/Closed_source
(187 words)
|
|
| |
| | Closed Source-Open Source |
| | Closed Source software is code that is written and compiled into machine instructions that allow you to do things with your computer like read this. | | | Open Source software is code that is written and compiled into machine instructions that allow you to do things with your computer as well. | | | The source code is held by the folks who developed the program. |
|
http://www.lemurzone.com/edit/converse39.htm
(778 words)
|
|
| |
| | Explore Open Source Alternatives |
| | Closed source software is any software whose source code is hidden from the public view. | | | Open source software is developed with the source code freely available; anyone can use the software, and make changes to it as necessary. | | | Since open source code solutions do not fit the traditional procurement model in that there is not usually a vendor promoting and proposing the product, it is recommended that state departments actively research and evaluate open source code alternatives prior to considering use of the traditional procurement model for software. |
|
http://cpr.ca.gov/report/cprrpt/issrec/stops/it/so10.htm
(1674 words)
|
|
| |
| | Commentary by Randy Boring on debugging by testing : Open is still much better than closed source |
| | If a bug report makes it back to a closed source developer group, and they don't have time, don't see the need (they may have a different notion of the program's purpose), lose the report, can't find the solution, or for any reason fail to fix the bug, the user is at a loss. | | | Closed source projects are subject to the staffing limitations of a smaller developer pool. | | | Additionally, the quality of error reports are also increased if the testers can inspect the source and give the project team a better pointer to the problem (perhaps pinpoint the procedure, even if the user doesn't feel competent to rewrite it himself). |
|
http://www.mibsoftware.com/bazdev/0015.htm
(820 words)
|
|
| |
| | The security implications of open source software |
| | Open source software, by definition, is any program or application that is freely distributed, non-platform specific -- and in which the programming code is open and visible. | | | Another complaint with open source software is that most bugs are found after the program has been compiled, tested, and distributed -- not because someone sat down in advance and looked at the code for holes, but because something goes wrong in its use. | | | In the software community, you "lock up" the programming source code as a means of securing it against hackers and competitors. |
|
http://www-128.ibm.com/developerworks/linux/library/l-oss.html?open&I=252,t=gr,p=SeclmpOS
(2150 words)
|
|
| |
| | Closed Source Is Fertile Ground for Foul Play |
| | Closed source advocates wrongfully maintain that the lack eyes looking at the source tends to prevent problems as well as inefficiencies from being discovered—and that those same lack of eyes would not miss and fail to repair maliciously inserted code as well. | | | There are several reasons that closed source software—and Windows in particular—are seeing such a dramatic uptick in use, including Microsoft’s extensive Windows support effort over the past several years, and the perception that Windows is more secure than Linux, despite the fact that both products are riddled with software security holes. | | | The products of the closed source software development model have become increasingly entrenched in large organizations and governments, primarily in the form of Windows, an expensive closed-source operating system, the expensive closed-source IIS Web server, and closed source office suites. |
|
http://www.swoogan.com/Closed_Source.html
(1261 words)
|
|
| |
| | Open Source Versus Closed Source Security |
| | Secure design, source code auditing, quality developers, design process, and other factors, all play into the security of a project, and none of these are directly related to a project being open or closed source. | | | Although you can take an open source project, compare it against a closed source project, and say that one is more secure than the other based on some number of observations or measurements, this determination will probably be based on factors other than the nature of the project's open or closed source code. | | | On the other hand, I've seen some vulnerabilities in open source software that are so obscure (some of the Sendmail prescan() vulnerabilities come to mind), that you wonder if it would be feasible to discover a similar issue in a closed source project at all. |
|
http://www.securityfocus.com/columnists/269
(1109 words)
|
|
| |
| | Closed Source and Reliability |
| | One of my biggest problems with closed source is how it reduces my ability to use software I have paid for. | | | closed source - especially windows tends to use obscure undocumented files and keys and rubbish all over your hard drive - this makes it hard to remove / or reinstall and particularly hard to recoever from problems, and disasters. | | | I understand where you are coming from, as I have had to deal with lots of Closed Source software. |
|
http://use.perl.org/comments.pl?sid=13251&cid=20640
(315 words)
|
|
| |
| | Closed source is more secure – MS The Register |
| | Lipner argued that network administrators are better off spending their time reading log files and installing patches than poring over source code looking for security holes, and the system of 'peer review' that works well for vetting encryption algorithms, doesn't work to evaluate large pieces of software for flaws. | | | Lipner slammed the open source development process, suggesting that the often-voluntary nature of creating works like the Linux operating system make it less disciplined, and less secure. | | | The head of Microsoft's security response team argued here Thursday that closed source software is more secure than open source projects, in part because nobody's reviewing open source code for security flaws. |
|
http://www.theregister.co.uk/content/8/18286.html
(556 words)
|
|
| |
| | O'Reilly Network: Open Source and Open Standards |
| | Open Standards versus Open Source, Jonathan Schwartz of Sun Microsystems argues that open standards (i.e., open protocols) are more important than open source code. | | | Dave Winer, while cautioning against the often-obfuscated output of the major standards bodies, celebrates the diversity that results from open formats and protocols: small development houses are free to create closed implementations and thus are not tied to restrictive licenses such as the GPL. | | | The problem of open source programs trying to implement programs that works over closed standards is DMCA. |
|
http://www.onlamp.com/pub/a/onlamp/2003/04/29/openstandardsopensource.html
(1711 words)
|
|
| |
| | The Case for Open Source/Closed Standards |
| | I see it as a novel approach to solving the problem of opening up proprietary software and systems. | | | There is a simple solution - open source the code under a genuinely free license, but maintain the Java trademarks based on published APIs and test suites. | | | Instead of waiting for Sun to make up their mind where they want to go today, I prefer to keep working on a better Kaffe and GNU Classpath, together with other free software runtimes. |
|
http://www.oreillynet.com/pub/wlg/5651
(2481 words)
|
|
| |
| | Closed Source Hardware |
| | Trust with hardware vendors for open source systems is becoming a one-way street, where in exchange for support they offer a closed source binary solution with no provision to audit security. | | | This, of course, is great news; I'm happy that the vendor has at least allowed open source operating systems to support their hardware, and even more so, I'm thankful that a developer spent the time to make it happen. | | | In general, this mean an increase in support for the open source operating systems -- a rapidly growing segment of the market that drives new hardware purchases -- from the various hardware-producing vendors. |
|
http://www.securityfocus.com/columnists/281
(1064 words)
|
|
| |
| | Damicon - Open source versus closed source |
| | If open source is to have staying power, it must generate new ideas that improve software programs not just copy someone else's work. | | | The most common model is closed source, better known as commercial software. | | | Open-source programs always include source code for those interested in peering into how the program does what it does and possibly contributing to the development effort. |
|
http://www.damicon.com/resources/openvsclosed.html
(1096 words)
|
|
| |
| | Open & Closed Source |
| | The Open source definition is a bill of rights for the computer user. | | | When a programmer makes a Closed Source program it is more difficult to compete with those who make Open Souce programs. | | | Programmers are assured of rights when the contribute to Open Source which are: The right to make copies of the program, and distribut those copies. |
|
http://www.southern.dpsnc.net/~gunterj/opensource.html
(312 words)
|
|
| |
| | Open or Closed Source Code Irrelevant to Security |
| | What's more, the source code is not available to the general public, so it's not likely that the curious people with way too much free time on their hands will find bugs and flaws in the software. | | | Whether the source code (and design documentation, for that matter) become open or closed is utterly irrelevant to the security of the software. | | | Keeping source code closed to external scrutiny, in and of itself, does little if anything to affect the security of the software. |
|
http://www.esecurityplanet.com/views/article.php/3524356
(1142 words)
|
|
| |
| | Open Source Initiative OSI - FAQ:Advocacy |
| | The term "open source" has a technical meaning in the intelligence community; it refers to publicly accessible intelligence sources such as newspapers. | | | The Open Source Initiative is a marketing program for free software. | | | The bad guys will find the holes whether source is open or closed (for a perfect recent example of this see The Tao of Windows Buffer Overflow). |
|
http://opensource.org/advocacy/faq.php
(1355 words)
|
|
| |
| | The Risks of Closed Source Computing |
| | As an aside to the main discussion, one reason that the Beowulf clusters have been so dramatically successful is that it is a set of open source software that allows the replacement of proprietary closed mainframe hardware with standard PC components. | | | In an open source world they can do far more than just talk - they have the same access to source code and rights to fix it as the large vendors. | | | There is also no comeback in a closed source environment. |
|
http://www.ibiblio.org/oswg/oswg-nightly/oswg/en_US.ISO_8859-1/articles/alan-cox/risks/risks-closed-source/risks.html
(1212 words)
|
|
| |
| | The Old Joel on Software Forum - Chris Stone on Open/closed source |
| | Luckily, most open source software is highly technical software, installed on servers or used by developers during the development process. | | | The software happened to be open source but it could have been Google search algorithms or Longhorn. | | | Yeah, except that when you implement something in your own software that is open source, you need to share your whole software as open source now. |
|
http://discuss.fogcreek.com/joelonsoftware/default.asp?cmd=show&ixPost=145250
(2346 words)
|
|
| |
| | The Case of the Quake Cheats |
| | So, far from being a telling strike against open source, the case of the Quake cheats actually highlights the kinds of biases and subtle design errors that creep into software when it's designed for closed-source distribution and performance at the expense of security. | | | If Quake had been designed to be open-source from the beginning, the performance hack that makes see-around-corners possible could never have been considered — and either the design wouldn't have depended on millisecond packet timing at all, or aim-bot recognition would have been built in to the server from the beginning. | | | Thus Carmack's suggestion of a closed-source Quake-launcher program that would take a checksum of the client binary, communicate with the server to make sure the binary is on an approved list, and then handle communication with the server over a cryptographically-secured channel. |
|
http://www.catb.org/~esr/writings/quake-cheats.html
(1758 words)
|
|
| |
| | Slashdot Security of Open vs. Closed Source Software |
| | Granted, given the nature of open source software, the population of people who may repair a bug may be larger than that for closed applications, but that doesn't force into being an army of people with the inclination or skills to do so, or an effective and trustworthy means to distribute said fixes. | | | Closed source software does not tend to respond as fast or offer the flexibility of allowing users to analyze the code. | | | All this shows is that open source software has had more bugs discovered and fixed than we would have liked there to have been in the first place. |
|
http://slashdot.org/articles/02/06/21/1227222.shtml
(4263 words)
|
|
| |
| | EnderUNIX Software Development Team |
| | In closed source systems, you cannot expect this kind of help and support. | | | In open source systems, you see that many the other users of the community are | | | In Closed source systems, since you don't have the source code, then you will |
|
http://www.enderunix.org/docs/opensource_vs_closedsource.html
(864 words)
|
|
| |
| | Bumblebee: closed source |
| | We understand the value of source when doing advanced integration work, such as writing new adapters, and for people/companies who purchase BumbleBee source code is absolutely negotiable. | | | To test software you've > got to be able to find out what's going wrong when things fail, and you > can't do any effective debugging when the source code is all hidden. | | | As part of that we could provide you with source if you think it would help your work. |
|
http://www.stylusstudio.com/xquerytalk/200311/reply172000.html
(814 words)
|
|
| |
| | NewsForge Sun's new licenses: 'Closed open source' |
| | That Sun couldn't bring themselves to open source (in the true sense of the phrase) Java is no suprise, they had the same problem with Solaris. | | | And to sow FUD about IBM because they are using the Red Hat distro in the majority of their computer sales (again, as has been made clearer in their more recent attacks on IBM and this alliance thing with EDS and Microsoft against IBM). | | | If however, you decide to use the hard work of others as a basis for your own work which would not work without the base of the GPL'd work, then you must distribute the resulting code along with the application or hardware that you include the code with. |
|
http://programming.newsforge.com/programming/05/03/17/0148217.shtml?tid=54
(2834 words)
|
|
| |
| | Open Source vs. Closed Source - snook.ca |
| | You can't really get contributors to an open source project until there is some working code. | | | Any project with the same number of people doing code review, whether it’s open or closed, will find approximately the same number of bugs and security issues. | | | Development: in developing the initial app, you'll probably do most of the work yourself, so you don't get anything free there. |
|
http://www.snook.ca/archives/000247.html
(1404 words)
|
|
| |
| | Wired News: Did MS Pay for Open-Source Scare? |
| | But open source software is presented to a very large and knowledgeable audience of software development peers. | | | "Opening the Open Source Debate," a white paper slated to be released Friday by the Alexis de Tocqueville Institution, indicates that open-source software is inherently less secure than proprietary software. | | | Since malicious hackers cannot view the underlying code of propriety software, they can't study it to discover possible exploits, a principle known as "security through obscurity," according to Bill Wall and Darwin Ammala of Harris Corporation's STAT computer security unit. |
|
http://www.wired.com/news/linux/0,1411,52973,00.html
(800 words)
|
|
| |
| | Talkback - Closed, Open Source Share Compatibility Problems |
| | closed sourced is always behind the latest and greatest software that is out there. | | | this is more of a problem with closed source than it is with open source. | | | Or you can wait for the developers to do their testing and release the binaries. |
|
http://www.eweek.com/talkback_details/0,1932,s=25992&a=167242,00.asp?m=13911
(547 words)
|
|
| |
| | LWN: RELEASE: OSIA Warns Against the use of Closed Source Software for National Security Purposes |
| | "Additionally, the full compilation and build environment, that is, the environment on which the software can be converted from source code to machine binary code, would need to undergo a similar auditing and confirmation process. | | | "The key difference with open source software is that such an attempt will be found and extirpated. | | | Borland's Interbase SQL-server had an inbuilt back-door which exposed possibly hundreds of thousands of computers and confidential data-stores to malicious attack. |
|
http://lwn.net/Articles/85796
(611 words)
|
|
| |
| | ongoing · When Secrets Make Sense |
| | Recently I wrote a short piece making a strong and general claim that the same forces that are pushing data towards XML are pushing software towards Open Source. | | | I think that, as Joe says, there are places in software where secrets make business sense; but we disagree as to where they are. | | | Another piece that’s relevant here is Joel Spolsky’s Things You Should Never Do, Part I, which contains the obvious but often-overlooked finding: It’s harder to read code than to write it. |
|
http://www.tbray.org/ongoing/When/200x/2004/12/02/Secrets
(694 words)
|
|
| |
| | Closed Source Tests damage careers, schoolchildren |
| | source for actual user bug-reports could be 'open.' | | | BW> contain the problem than having open source code. | | | An instance of this is the Debian bug database which I occasionally |
|
http://zgp.org/linux-elitists/Pine.LNX.4.31.0105211642230.25158-100000@emperor.deirdre.org.html
(2519 words)
|
|
| |
| | Linux Kernel: Re: Why is Nvidia given GPL'd code to use in closed source drivers? |
| | Re: Why is Nvidia given GPL'd code to use in closed source drivers? | | | Linux Kernel: Re: Why is Nvidia given GPL'd code to use in closed source drivers? | | | : Vlad_at_Vlad.geekizoid.com: "RE: Why is Nvidia given GPL'd code to use in closed source drivers?" |
|
http://lists.insecure.org/lists/linux-kernel/2003/Jan/1184.html
(331 words)
|
|
| |
| | An Empirical Study of Open-Source and Closed-Source Software Products |
| | Index Terms- Open source, software metrics, empirical studies, software growth models. | | | Mockus, R.T. Fielding, and J. Herbsleb, "A Case Study of Open Source Software Development: The Apache Server," Proc. | | | [10] J.W. Paulson, An Empirical Study on the Growth of Open Source and Commercial Software Products master's thesis, Dept. of Electrical and Computer Eng., Univ. of Calgary, Alberta, 2001. |
|
http://csdl2.computer.org/persagen/DLAbsToc.jsp?resourcePath=/dl/trans/ts/&toc=comp/trans/ts/2004/04/e4toc.xml&DOI=10.1109/TSE.2004.1274044
(470 words)
|
|
| |
| | Schneier on Security: DUI Cases Thrown Out Due to Closed-Source Breathalyzer |
| | I agree that we need to have the source code for defense purposes, but I don't agree with you here. | | | In court, it would be reasonable to ask how precise the machines are and perhaps even have an expert to testify about the technical details, but asking for source code is plain silly. | | | Posted by: Joseph at September 16, 2005 08:22 AM The problem is it's not widespread. |
|
http://www.schneier.com/blog/archives/2005/09/dui_cases_throw.html
(7769 words)
|
|
| |
| | Code Breaking: Open-Source, Closed Minds |
| | For example, the global positioning system was set free for commercial development by Ronald Reagan in the 1980s. | | | There's something obvious to anyone close to technology today: Nonproprietary technology helps proprietary enterprise. | | | As Bradford Smith, general counsel of Microsoft Corp. has written about software, "Both open-source and commercial software are integral parts of the broader software ecosystem." Either alone, I might add, would produce a weaker "software ecosystem." |
|
http://www.cioinsight.com/article2/0,3959,1309519,00.asp
(1309 words)
|
|
| |
| | Linus Torvalds defers closed source crunch Channel Register |
| | Linux founder Linus Torvalds may soon be using a proprietary, closed source code management tool for Linux kernel development, to the dismay of many in the open source community. | | | McVoy first showed his designs for a distributed source code management system to Torvalds in 1998, and BitMover began hosting the kernel tree in 2001. | | | In 1985, Richard Stallman began the GNU project to create a free operating system by building a free toolchain - the GNU compiler and GDB debugger - for developers to use. |
|
http://www.theregister.co.uk/2005/04/06/torvalds_bitkeeper
(809 words)
|
|
| |
| | Happy Software Prole » Closed-Source Runtimes |
| | Open Source: A good entry at sourcefrog.net describing some reasons people are driven to use open source — the closed-source component library one, in particular, drives me nuts. | | | Invariably, getting access to source, and being allowed to fix bugs in it, is a key issue — and one that continually drives developers to open source/free software libraries. | | | RMS has been saying this for years, of course. |
|
http://taint.org/2004/03/11/202234a.html
(614 words)
|
|
| |
| | California urged to use open source, VoIP Tech News on ZDNet |
| | And it's in, of course, the final line (open source is a much sexier lead). | | | Open-source software has benefits over its proprietary cousins as well, the report stated. | | | "Since the code is open, it offers the flexibility for organizations to modify the code as needed for specific uses...open source can (also) provide superior security than closed source." |
|
http://zdnet.com.com/2100-1104_2-5309476.html
(630 words)
|
|
| |
| | The Risks of Closed Source Computing |
| | One large vendor likes to talk about the risks of Open Source software, but the strange thing is, the risk is actually in closed technologies. | | | Distribution of modified versions of this document is prohibited without the explicit permission of the copyright holder. |
|
http://www.ibiblio.org/oswg/oswg-nightly/oswg/en_US.ISO_8859-1/articles/alan-cox/risks/risks-closed-source/index.html
(87 words)
|
|
| |
| | Nvidia updates closed-source drivers for open-source OSes News.blog CNET News.com |
| | That means that programmers can't adapt the software on their own for other systems, such as Linux on Power processors or OpenSolaris. | | | Nvidia supplies executable drivers only, not the source code that underlies the software. | | | But the company doesn't want to release the source code for several reasons. |
|
http://news.com.com/2061-10795_3-5762319.html?part=rss&tag=5762319&subj=news
(373 words)
|
|
| |
| | Study: Open, closed source equally secure |
| | For example, the same quality that makes it easier to find bugs in open-source code may also make it easier for attackers to find ways to exploit the code. | | | Under the analysis, Anderson found that his ideal "open-source" programs were as secure as the "closed-source" programs. | | | A little for the open source community, and a little for the closed source community. |
|
http://www.freerepublic.com/focus/news/703436/posts
(951 words)
|
|
| |
| | Linux Today - Tux Racer to be closed source- GPL Project Continues |
| | Tux Racer is the Free Software community's premier 3d game, and I only found out about the future closed source release in emails from Sunspire. | | | This game is a jewel on the crown Free Software/Open Source gaming; don't let it fall out only to be trampled and lost. | | | Re: Re: Re: Another open source project saved.... |
|
http://www.linuxtoday.com/news_story.php3?ltsn=2001-08-02-011-20-NW-GM
(1021 words)
|
|
| |
| | DUI Defendants Skip Charge By Asking How Test Works: From The Tampa Tribune |
| | All four of Seminole County's criminal judges have been using a standard that if a DUI defendant asks for a key piece of information about how the machine works - its software source code, for instance - and the state cannot provide it, the breath test is rejected, the Orlando Sentinel reported Wednesday. | | | Prosecutors have said they do not know how many drunken drivers have been acquitted as a result. | | | SANFORD - Hundreds of cases involving breath-alcohol tests have been thrown out by Seminole County judges in the past five months because the test's manufacturer will not disclose how the machines work. |
|
http://tampatrib.com/floridametronews/MGBUBJ5QK9E.html
(245 words)
|
|
|
